def password_email(user):
"""
For resetting a user's password.
"""
from r2.lib.pages import PasswordReset
user_reset_ratelimit = SimpleRateLimit(
name="email_reset_count_%s" % user._id36,
seconds=int(datetime.timedelta(hours=12).total_seconds()),
limit=3,
)
if not user_reset_ratelimit.record_and_check():
return False
global_reset_ratelimit = SimpleRateLimit(
name="email_reset_count_global",
seconds=int(datetime.timedelta(hours=1).total_seconds()),
limit=1000,
)
if not global_reset_ratelimit.record_and_check():
raise ValueError("password reset ratelimit exceeded")
token = PasswordResetToken._new(user)
base = g.https_endpoint or g.origin
passlink = base + '/resetpassword/' + token._id
g.log.info("Generated password reset link: " + passlink)
_system_email(user.email,
PasswordReset(user=user,
passlink=passlink).render(style='email'),
Email.Kind.RESET_PASSWORD,
user=user,
)
return True
def password_email(user):
"""
For resetting a user's password.
"""
from r2.lib.pages import PasswordReset
user_reset_ratelimit = SimpleRateLimit(
name="email_reset_count_%s" % user._id36,
seconds=int(datetime.timedelta(hours=12).total_seconds()),
limit=3,
)
if not user_reset_ratelimit.record_and_check():
return False
global_reset_ratelimit = SimpleRateLimit(
name="email_reset_count_global",
seconds=int(datetime.timedelta(hours=1).total_seconds()),
limit=1000,
)
if not global_reset_ratelimit.record_and_check():
raise ValueError("password reset ratelimit exceeded")
token = PasswordResetToken._new(user)
base = g.https_endpoint or g.origin
passlink = base + '/resetpassword/' + token._id
g.log.info("Generated password reset link: " + passlink)
_system_email(
user.email,
PasswordReset(user=user, passlink=passlink).render(style='email'),
Email.Kind.RESET_PASSWORD,
user=user,
)
return True
def POST_mute_participant(self, conversation):
if conversation.is_internal or conversation.is_auto:
return self.send_error(400, errors.CANT_RESTRICT_MODERATOR)
sr = Subreddit._by_fullname(conversation.owner_fullname)
try:
participant = conversation.get_participant_account()
except NotFound:
return self.send_error(404, errors.USER_DOESNT_EXIST)
if not sr.can_mute(c.user, participant):
return self.send_error(400, errors.CANT_RESTRICT_MODERATOR)
if not c.user_is_admin:
if not sr.is_moderator_with_perms(c.user, 'access', 'mail'):
return self.send_error(403, errors.INVALID_MOD_PERMISSIONS)
if sr.use_quotas:
sr_ratelimit = SimpleRateLimit(
name="sr_muted_%s" % sr._id36,
seconds=g.sr_quota_time,
limit=g.sr_muted_quota,
)
if not sr_ratelimit.record_and_check():
return self.send_error(403, errors.SUBREDDIT_RATELIMIT)
# Add the mute record but only if successful create the
# appropriate notifications, this prevents duplicate
# notifications from being sent
added = sr.add_muted(participant)
if not added:
return simplejson.dumps(
self._convo_to_serializable(conversation, all_messages=True))
MutedAccountsBySubreddit.mute(sr, participant, c.user)
permalink = conversation.make_permalink()
# Create the appropriate objects to be displayed on the
# mute moderation log, use the permalink to the new modmail
# system
ModAction.create(sr,
c.user,
'muteuser',
target=participant,
description=permalink)
sr.add_rel_note('muted', participant, permalink)
# Add the muted mod action to the conversation
conversation.add_action(c.user, 'muted', commit=True)
result = self._get_updated_convo(conversation.id, c.user)
result['user'] = self._get_modmail_userinfo(conversation, sr=sr)
return simplejson.dumps(result)
